The scariest part of this recent news is that TM Signal seem(ed) to be interoperable. People using TM Signal could interact with actual Signal users. How are you to know whether or not your groups have people using bastardized versions of Signal? Are things like Session interoperable with Signal?

  • utopiah@lemmy.ml
    4·
    8 hours ago

    how do you know you’re interacting with an authentic signal client, and not a bastardized one.

    I don’t think that’s the point… it does not matter. Even if it’s an authentic client, if the device (e.g. 0 day vulnerability on the OS) or the user (e.g. does not lock their phone while going to the bathroom) is compromised, your conversation is not secure.